John Edwards

ICO sets out new targets for improvement

Information Commissioner John Edwards launching his new strategy

John Edwards is clearly adapting to life in the UK, seven months after he arrived here from New Zealand to take up the role of Information Commissioner.

Launching his three-year strategic plan for the Information Commissioner’s Office yesterday, he succeeded in saying ‘day-ta’ most of the time, although he did manage to come out with at least one ‘dar-ta’.

While data protection (however pronounced) is certainly the main focus of his attention and indeed the dominant activity within his budget, the new Edwards plan is also important for those concerned about the FOI side of the ICO’s work.

To his credit Edwards has recognised publicly as well as privately that the substantial delays in the ICO’s handling of FOI complaints are not acceptable. In his speech he said that the administering of FOI law ‘requires fundamental change, and that change has to start in my office’.

He and his team have also shown a welcome willingness to engage with the FOI community and discuss (in his words) ‘how we fix a system that clearly needs fixing’.

As the ICO leadership itself recognises, things are now at the stage where requesters need to start seeing practical results rather than just hearing expressions of intention.

As part of its plan the ICO announced new objectives for its work on handling complaints under FOI law and the Environmental Information Regulations (EIR). These include:
• ensuring that less than 1% of its caseload is over 12 months old
• reaching a decision on 80% of complaints within six months
• ensuring that 66% of tribunal appeal decisions go in the ICO’s favour

The current serious casework delays are illustrated by new up-to-date statistics which the ICO also released yesterday, with a commitment to do this regularly.

This is a valuable improvement, because in recent periods the ICO has only been publishing an inadequate series of datasets which are outdated, patchy and limited to closed cases.

The latest figures (for end of June 2022) show that 7.2% of active cases were over 12 months old. The ICO had reached a ‘first decision’ within six months on only 67.7% of cases.

The new dataset of open casework reveals that the ICO is still investigating one complaint relating to Brent Council nearly 26 months after it was made in May 2020.

There are 25 FOI/EIR cases that were still unresolved over 18 months after they were received. Of these, one of them actually involves a complaint about the ICO itself.

But the public authority which features by far the most frequently in these long-delayed cases is the Cabinet Office, which accounts for nearly half of them – 11 of the 25 involve complaints about its refusal to supply information requested. It is not clear whether this is because the Cabinet Office handles especially tricky issues or whether it is particularly slow and difficult about cooperating with ICO investigations, or indeed both.

As for the ICO’s performance objective for when its decisions are appealed by dissatisfied requesters or authorities, I have done a very quick analysis of tribunal cases so far this year, and the target of 66% appears pretty close to the current success rate. My rough calculation produced a figure of 68% (it is based on the summary outcome listed on the tribunals website without checking the details of individual cases).

ICO staff accept that some of their decision notices will inevitably get overturned, but there is always a risk that faster processing of cases can lead to more reversals later.

The ICO says its new approach will include more active prioritisation of significant cases and greater attempts at speedy resolution of disputes without the issuing of a formal decision notice.

For the ICO to improve its FOI casework handling is important and will be a relief to frustrated requesters.

However it is essential as well for the ICO to tackle the crucial systemic issues of poor performance on FOI by numerous public authorities. This week the ICO also released a new framework for regulatory action.

While it is understandable that ICO staff wanted to have this revised policy in place before implementing a tougher stance, it is unclear for the moment how much tenacity will be deployed in carrying out its series of measures and enforcing better standards.

One early promising sign could be the practice recommendation it delivered this week to the Department of Health and Social Care, reprimanding the department over its failure to properly search non-corporate communication channels when responding to FOI requests.

In the Q&A session at the launch I raised one particularly egregious example of FOI deficiency, the fact that in the latest set of government statistics the Department for International Trade had breached the legal deadline for replying to requests an extraordinary 55% of the time.

I asked Edwards what more evidence he would need before taking enforcement action against a badly performing authority and he replied simply: ‘None’.

If this does indicate a much firmer attitude is being adopted, that then is good news and will be strongly welcomed by requesters pursuing their legal rights to information.

I understand the ICO has taken up the issue directly with the DIT. But how persistently determined it will actually be in tackling this sort of blatantly inadequate FOI record remains to be seen.

Edwards announced that he had persuaded government to set up a cross-Whitehall senior leadership group to drive improved compliance on data protection within the civil service. There is some hope within the ICO that this could in future be extended to cover systemic issues of government FOI compliance too.

Unlike his predecessor Elizabeth Denham whose extent of contact with the Cabinet Office had become minimal by the end of her tenure, Edwards says he’s happy with the level of engagement he has been getting from the Cabinet Office.

Edwards also stated that the ICO will be publishing its internal staff training materials on both FOI and data protection, and this is expected to happen soon.

The ICO has initiated a consultation exercise on the three-year plan. If you want to express your views, you can do so here.

ICO sets out new targets for improvement Read More »

The perils of @JCE_IC

From the internal briefings prepared for the new Information Commissioner John Edwards, it’s clear there has been rather a lot of angst among his senior colleagues about how he conducts his personal Twitter feed.

His account’s tone was casual and folksy when he was New Zealand’s Privacy Commissioner, combining some serious policy points with jokey remarks, funny videos and cultural criticism, while slipping into the occasional political controversy. As I said when I wrote about it before, I like its friendly informality, but I’m not at all surprised that his new cautious-minded colleagues seem deeply wary about the ‘risks’.

The induction documents recently released under FOI reveal how the ICO management assembled a battery of arguments and research to try to persuade him to adopt a more corporate approach for his tweeting.

They fear that his unofficial posts could be seen as the ICO’s organisational view and policy – perhaps they’re thinking of the time he described Facebook as ‘morally bankrupt pathological liars’.

They’re worried that his personal tweets could be ‘misconstrued’ – perhaps they saw the time he pointed out that a New Zealand opposition politician sent emails in comic sans.

They’re concerned that he could be seen as endorsing individuals or sub-tweeting – linking to a Guardian article that’s seven years old to explain to him the tricky etiquette of sub-tweeting.

They certainly don’t want him conversing with other Twitter users or getting involved in Twitter spats, recommending he should ‘reduce or limit interaction with other Twitter users’.

They warn him that ‘UK media have form of going through old tweets to try and find content that could be used critically’ and so maybe he should delete some of them, though obviously I worked through his back catalogue ages ago.

They would like him to change his Twitter bio so that it directs enquiries to @ICONews, but that hasn’t happened – yet.

And naturally they want him to focus his feed on ICO work and events, and tweet about this in a timely way. They’ve done their research and thus can draw attention to the anodyne content of the personal Twitter feeds of various other heads of UK public agencies – who are largely content to retweet their organisations’ press statements, with a little extra stuff on the wonderful work of whichever outpost they have just visited, perhaps a picture of some conference they’ve spoken at, and minimal interaction with anyone else. This familiar flow of earnest tedium is presented as ‘good practice’ in corporate social media.

Still it’s not all negative – they point out that the @ICONews Twitter account has ten times the followers that Edwards has personally, and therefore they ‘can help to grow’ his follower base.

Has it changed the tone of his tweets? Maybe Edwards is being a bit more careful and corporate, but we’re still getting the muppet videos and the cautionary tales of how to behave on trains.

The perils of @JCE_IC Read More »

Inducting Mr Edwards

John Edwards (Photo credit: PrivacyMaven – CC BY-SA 4.0)

In New Zealand they’re called BIMs – Briefings to Incoming Ministers – and it’s routine for these induction documents explaining background and policy options for the new office-holders to be published. It’s one example of how NZ outdoes the UK on government openness in policy formulation.

So perhaps the new Information Commissioner John Edwards, a New Zealander, was not surprised that someone (not me, by the way) put in a freedom of information request for the internal briefings he received on taking up his post in January.

In response the ICO has now released a large batch of material covering 21 documents – there’s a lot to read when you want to be someone – and it sheds some fascinating light on the thinking within the organisation’s senior management team.

One point first: Anyone familiar with how FOI works in practice will note that the ICO has disclosed some internal discussion points which many UK public authorities would have sought to keep secret, claiming it would harm the free exchange of views (until the ICO overrules them several months later if the requester bothers to complain). Of course they’ve acted rightly in line with the public interest and set the correct example by releasing this material, but still credit to them for doing so. (Some information has been withheld, to protect frankness of discussion, their investigations, international relations, and legal advice.)

While much of the content is about data protection, and there’s some revealing analysis on the ICO’s overall strategy, I’ll focus on my interest, which is the FOI side of their work.

The ICO is clearly very sensitive to two common criticisms. Firstly, that it concentrates on data protection and privacy issues at the expense of FOI. Secondly, that it has failed to tackle the substantial and apparently growing delays affecting its FOI appeals casework – many complainants are now told they will have to wait nine months just for their appeal to be allocated to a case officer.

This can be seen in the briefing paper on developing FOI strategy. It argues against a simple focus on casework and enforcement with limited involvement in policy debate, largely because that would play into fears about the ICO neglecting FOI and encourage the view that FOI responsibilities should be given to another organisation.

The briefing papers also contain numerous references to the knock-on problems stemming from the ICO’s inability to stay on top of its FOI appeals caseload (which involves complaints about the handling of FOI requests by other public bodies).

The FOI strategy paper acknowledges that the delays in complaint handling ‘do understandably draw criticism’, although it argues the ICO is ‘hampered’ due to available resources. It also accepts that the ICO’s current enforcement powers are ‘arguably underused’.

A draft communications plan for the new commissioner’s ‘first 100 days’ is revealing when it expresses worry about initiating a campaign for Edwards to speak out about the ‘continued value’ of FOI. The fear is of resultant publicity risks, namely ‘poss criticism around a significant casework backlog’.

I have to confess that on this point the ICO comms team have got people like me bang to rights. When the ICO press office drew attention to Edwards talking about the benefits of FOI in a media interview, this is indeed the theme I picked up on.

This briefing also notes concern that it could open up questions of charging for FOI requests, a topic Edwards surprisingly raised at his select committee appointment hearing, to the consternation of openness campaigners. He later told me that it was an ‘off the cuff response’ linked to his experience in New Zealand. But the paper also argues this would be an ‘opportunity to set record straight and keep civil society stakeholders at bay for a while’.

Another campaign idea considered is one to ‘highlight how FOI has informed public debate’ and ‘remind people how to make FOI requests’. But the document again points out a possible downside for an organisation which can’t handle its current caseload: generating more FOI requests would ultimately put ‘increased pressure’ on the resources of the ICO.

A paper on overall strategic planning includes this for a ‘draft enduring strategic objective’: ‘We will not continue to simply grow the approach of dealing with more and more appeals with static or net reductions in grant-in-aid funding but will instead focus on encouraging public authorities to be more transparent and open, publishing more information routinely and so avoiding the need for the public to escalate appeals to the ICO.’

However, the notion that more routine publication will avoid ICO appeals is a futile and irrelevant hope. Proactive release of information is a good thing, but there is very limited overlap between the material organisations will willingly agree to publish routinely, and the contentious requests for material that requesters really want to access which reach the ICO.

What would cut ICO casework is getting authorities to adopt habits of responding on time and releasing the information that they should release, which needs tougher enforcement.

When Chris Graham became Information Commissioner in 2009, he made it his top priority to reduce the organisation’s then appalling FOI casework backlog. He felt it was necessary so that the ICO could speak with credibility and authority. By thoroughly reviewing processes and structures within existing resource levels, and bringing a spirit of determination that boosted morale and swept aside the fatalism of some staff, he succeeded.

These documents indicate how today’s ICO is constrained by its organisational failure to stay on top of its FOI casework.

There are other interesting themes to be gleaned from all the induction briefing papers, including:

  • A report on the backlog in the ICO’s own FOI requests (this is distinct to the backlog for complaints about other organisations), which says that by the end of June they expect to reach their target of answering 92% of requests within the legal time limit.
  • A paper from the ICO’s Parliament and Government Affairs department, its lobbying team, which states that one of PGA’s ‘important functions’ is to ‘facilitate any necessary engagement’ between government and the ICO’s enforcement and casework sections – which surprised me and suggests an uneasy crossover of internal roles for a regulator.
  • A list of what the management think the other ranks might ask Edwards at an initial all-staff Q&A session, from matters of top-level strategy to the vexed issues of car parking and will he base himself in Manchester or London;
  • A media guide containing the press office’s views, positive and negative, on certain journalists;
  • And a lot of unease about the new Commissioner’s personal Twitter feed, which merits a blog post of its own.

Inducting Mr Edwards Read More »

John Edwards, the kindly stranger and the funny tweets

The new UK Information Commissioner, John Edwards, takes office today, after recently flying across the globe from New Zealand where he was Privacy Commissioner – and, as he reported on Twitter, encountering on arrival a kindly stranger at Gatwick airport who gave him a pound coin to unlock a luggage trolley.

However the UK’s FOI community are not convinced that Edwards himself will turn out to be a kindly stranger. Indeed his arrival in the post is regarded with some trepidation.

John Edwards (Photo credit: PrivacyMaven – CC BY-SA 4.0)

This is primarily because of the surprising and indeed disconcerting remarks which Edwards made in September to the House of Commons DCMS committee, at his pre-appointment hearing.

In the FOI section he quickly and without prompting raised the topic of what he called the “extraordinary administrative burden” arising from some FOI requests, and added that “it is legitimate to ask a requester to meet the cost of some of that administration, otherwise you see there is a potential for cross-subsidisation of people who are overusing or even abusing those rights”.

Edwards also expressed a distinct lack of enthusiasm for expanding freedom of information further for private sector bodies who are contracted to deliver public services – “I suppose extending FOI to cover those organisations would be one option”, he replied rather guardedly to this suggestion from an MP.

These statements are a contrast to the stronger pro-transparency stances adopted by previous UK Information Commissioners, who have opposed fees for freedom of information requests, defended FOI against rhetoric about “burden” and “abuse”, and advocated such a broadening of the FOI system.

Nevertheless, for those who like a more positive take, there is a more optimistic viewpoint. This is that Edwards was effectively talking about the situation in New Zealand rather than the UK.

From his remarks he seemed unaware of the tight legal cost limits that apply to FOI responses in the UK. These curtail the administrative effort and cap costs, and also push requesters (or at least the more effective ones) into making narrower rather than wide-ranging applications. Such specific limits do not exist in New Zealand, where the law instead does allow charging for some FOI requests but for a range of reasons public bodies often do not make requesters pay.

Possibly Edwards had briefed himself inadequately on the FOI part of his new role. But that could also turn out to be a problem, if it is symptomatic of a neglect of FOI.

This has already been a serious issue at the UK Information Commissioner’s Office, whose resources, public statements and high profile casework in recent years have increasingly been dominated by the data protection side of their responsibilities, to the detriment of their FOI work.

And in New Zealand as Privacy Commissioner for eight years, Edwards himself was focused on the data protection and privacy field. The country’s freedom of information system is enforced by a different regulator, the Ombudsman (Edwards worked there much earlier in his career).

However, there are some positive views on government transparency in the personal blog Edwards wrote when a lawyer in private practice, before becoming Privacy Commissioner.

In one 2011 piece he argued for the disclosure of free and frank policy advice as “precisely what the electorate needs”. In 2012 he praised the release of briefings for incoming ministers, even if this meant they were then written with a view to public consumption, on the basis that “officials should prepare advice that to the greatest extent possible can stand up to public scrutiny”.

The disclosure of internal government policy advice and especially cabinet papers, particularly once decisions have been taken, has gone much further in New Zealand than under FOI in the UK (although journalists there are still not happy about what they don’t get). If it turned out that Edwards actually wanted to import some of that culture and practice from back home into the UK FOI system it could have a big effect on the role of the ICO.

(Incidentally, his blog also reveals that the Gatwick luggage trolley incident was not the first time he was saved financially by a helpful representative of Britain. As a young budget traveller he once faced a tricky situation with some Bolivian officials who demanded an extortionate sum to stamp his passport. Fortunately he was rescued by the intervention of the British Consul and her insistence on “bureaucratic banalities” – she maintained that any such payment would need a receipt, which for some reason the law enforcers of La Paz were reluctant to provide. And whether for good or ill, Edwards is now about to encounter more of the bureaucratic banalities of the British state).

Ensuring that freedom of information does get enough attention from his office and is pursued with energy and commitment is one crucial challenge facing the new Commissioner. Another is rectifying the sorry state of how the ICO itself complies with FOI law.

The Privacy Commissioner’s office in NZ is subject to the information rights regime of the country’s Official Information Act (OIA). In the four-year period of 2017-21 it received 130 information requests, of which only one was answered outside the legal timeframe. And the Ombudsman’s office tells me that during Edwards’ tenure as Privacy Commissioner it did not uphold a single OIA complaint against the PC.

If Edwards can grasp the issue here with determination and replicate something like that sort of performance at the ICO it would indeed be a major achievement, but the ICO is a much bigger and more complex organisation with a much larger casework, and a very poor track record recently on handling its own FOI requests, which often gives the ICO the embarrassing task of rebuking itself.

In his valedictory office webinar in New Zealand, Edwards cautiously stressed the “constant tension” and “balance” between assisting organisations to achieve their objectives and being an assertive regulator and enforcer. That was in the context of data protection, but in the FOI area as well his impact will depend on which side of that balance he actually gives most weight to.

It will also rest on what is now his personal balance between seeing the world through the perspective of administratively minded state officials or that of a lawyer representing the individual rights of citizens.

One of his New Zealand habits that it looks like Edwards will maintain is his personal Twitter feed. Informal, folksy, casual and sometimes glib, its tone and content will be rather unusual for a top-ranking British public figure at a state regulatory body.

He has combined serious points on privacy policy and some later deleted stinging criticism of Facebook (“morally bankrupt pathological liars”), with comments on the latest cinematic releases, lots of jokey remarks and funny videos, and an occasional willingness to get involved in political controversy.

It sometimes caused him trouble in New Zealand, and unless he’s very careful I predict it will cause him more trouble here (in many ways I think that’s a shame, as I like his friendly informality, but that’s how things work), despite the proclamation in his pinned tweet below:

His recent “I could have been someone” tweet also captured above was presumably a Christmas reference to the lyrics of Fairytale of New York. Whatever deeper personal meaning may lie hidden in his gnomic expression we can only guess at. Still, if you meet him your opening conversational gambit could be “Well, so could anyone” (perhaps after you’ve offered him a pound coin).

What kind of “someone” will he turn out to be as UK Information Commissioner?

Somebody in New Zealand who has observed Edwards’ work closely over many years told me: “He genuinely cares about people’s well-being and that institutions are well governed”.

If Edwards wants to deliver on these two notions in the freedom of information field here, he needs to ensure (a) that people’s individual rights to access public sector information are enforced rigorously and assertively, defended against resistance and backlash, and ideally extended; and (b) that the ICO itself becomes a prompt and efficient and well-governed institution in handling information casework and requests.

We shall see. Meanwhile I find it difficult to imagine any of his predecessors as Information Commissioner so gleefully tweeting this video.

Update

John Edwards has responded to my blog above with the following comments on Twitter:

“I think any trepidation of the sort you mention, based as it is on a single off the cuff response at select committee, informed, as you say, by my NZ experience, is misplaced. I have always been a strong advocate for FOI, and will continue be in my new role.”

“Also, what you have characterised as “a distinct lack of enthusiasm for expanding freedom of information further for private sector” was more in the nature of a thoughtful pause to consider the various different ways that could be achieved.”

He also said: “I didn’t even know those old blog posts were still accessible!”


John Edwards, the kindly stranger and the funny tweets Read More »